Use EAA for Gov as a SAML IdP

In Enterprise Application Access for Gov (EAA for Gov) you can use a third-party SAML identity provider (IdP) or Enterprise Application Access for Gov as the SAML IdP to authenticate access to your applications. When you configure ​Akamai​ as the provider type for an IdP, you grant Enterprise Application Access for Gov permission to communicate with the native application directly as the SAML IdP source. This means that with SAML IdP provided by Enterprise Application Access for Gov, Enterprise Application Access for Gov is the identity provider (IdP). When you add a SAML, or SaaS, application to Enterprise Application Access for Gov, the application is the service provider (SP). When an IdP such as Enterprise Application Access for Gov and a SP such as a SaaS application both implement SAML, they are able to seamlessly authenticate accredited users associated with the IdP to use the SP.

In order for EAA for Gov applications to allow Enterprise Application Access for Gov as the IdP to authenticate, the application needs information about the user. This information is User Attributes. Enterprise Application Access for Gov is able to authenticate users of the applications from their credentials in the EAA for Gov Cloud Directory or the Active Directory (AD) as it is synced with the Enterprise Center.

Here is an outline of the workflow to set Enterprise Application Access for Gov as the SAML IdP for an application:

1. Add a new identity provider.

2. Configure EAA for Gov as an IdP for a custom SaaS application.

3. Configure SAML for an Access application.

4. Create user attributes in EAA for Gov.

5. Map user attributes of the directory.